Employees in a business enterprise access email services through networked personal computer devices, such as laptop computers, smart phones, and the like, while Information Technology (IT) personnel manage the email services through networked enterprise servers. The employees may receive suspicious email messages that may or may not contain malware from unsolicited, unrecognized sources. Typically, the employees do not have a convenient, standardized way to report the suspicious email message to the IT personnel, so that the IT personnel can investigate the report. Assuming that the employees are able to report the email messages, the IT personnel often pursue a manually intensive and somewhat random investigatory process to determine whether the email messages are either innocuous or pose a serious threat. In large business enterprises, this manually intensive and random approach to handling suspicious email messages is burdensome on both the employees and IT personnel and also leads to inconsistent report resolutions.